12e49584f18cd67b2a657f8301106503_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

12e49584f18cd67b2a657f8301106503_JaffaCakes118
Size

81KB
MD5

12e49584f18cd67b2a657f8301106503
SHA1

41ff3a7b3826f0265d5b9b0f91091184277c1c5b
SHA256

46c508db6d36dc5aa3b251be5ee8da6bda5a565c23d83f6179200523d278ec6f
SHA512

939adbbd106c72a9ffe6d1fe8c6f3eceec71da0973a86f8794618d1487c0afd2a28e02bcc6e88baafd4f7b6f1a9a8377570515b8eb4d55c690e402974aba2033
SSDEEP

1536:iRcXZuG1qNiJ5UjKQxKL5XGk/rBUbF9Z94p7NtYpVEbPeK:iqpzqNK5UjuxRc9rNpVqeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e49584f18cd67b2a657f8301106503_JaffaCakes118

Files

12e49584f18cd67b2a657f8301106503_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f0173000898122e3c30e0d6b44bf56a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc

user32

PeekMessageA
PostMessageW
PostQuitMessage
RegisterClassA
ReleaseDC
RemoveMenu
MsgWaitForMultipleObjects
SetFocus
SetForegroundWindow
SetTimer
SystemParametersInfoA
TrackPopupMenuEx
TranslateMessage
wsprintfA
LoadStringA
LoadMenuA
LoadIconW
LoadIconA
KillTimer
GetSubMenu
GetForegroundWindow
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
EnableWindow
EnableMenuItem
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DefWindowProcA
CreateWindowExA
CharNextA
SendMessageW

gdi32

GetStockObject
GetTextExtentPoint32W

advapi32

GetFileSecurityW
SetFileSecurityW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
GetUserNameA

msvcrt

_CIpow
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_beginthreadex
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_ltow
_onexit
_purecall
_snwprintf
_stricmp
_strnicmp
_ultow
_vsnprintf
_vsnwprintf
_wcmdln
_wcsicmp
_wcslwr
_wcsnicmp
_wcsupr
_wfopen
_wfullpath
_wsplitpath
_wtoi
_wtoi64
_wtol
abs
atoi
atol
bsearch
ceil
exit
fclose
floor
free
fwprintf
isdigit
isspace
iswalnum
iswascii
iswcntrl
iswdigit
iswspace
isxdigit
malloc
memcmp
memcpy
memmove
memset
qsort
rand
realloc
srand
strchr
strncpy
swprintf
swscanf
toupper
towlower
towupper
wcscat
wcschr
wcscmp
wcscpy
wcscspn
wcslen
wcsncmp
wcsncpy
wcspbrk
wcsrchr
wcsspn
wcsstr
wcstombs
wcstoul

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata11
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata10
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0173000898122e3c30e0d6b44bf56a1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 512B - Virtual size: 200B

.rdata11 Size: 512B - Virtual size: 100B

.rdata10 Size: 512B - Virtual size: 100B

.rdata9 Size: 512B - Virtual size: 100B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 56KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 512B - Virtual size: 200B

.rdata11
Size: 512B - Virtual size: 100B

.rdata10
Size: 512B - Virtual size: 100B

.rdata9
Size: 512B - Virtual size: 100B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 56KB